
Drift Protocol - North Korean Hackers Steal $280 Million


Basically, hackers tricked a trading platform into giving them control and stole millions.

Quick Summary

North Korean hackers have stolen $280 million from the Drift Protocol by manipulating admin powers. This attack has frozen operations, affecting thousands of traders. Drift is investigating and working to recover the funds.

What Happened

The Drift Protocol, a decentralized finance (DeFi) trading platform on the Solana blockchain, has suffered a significant loss of at least $280 million due to a sophisticated attack attributed to North Korean hackers. This incident highlights the vulnerabilities in DeFi systems, where administrative powers can be manipulated for malicious purposes.

How the Attack Unfolded

The attackers executed a well-planned operation between March 23 and March 30. They set up durable nonce accounts and obtained 2/5 multisig approvals from members of the Drift Protocol's Security Council. This strategic move allowed them to pre-sign malicious transactions without immediate execution. On April 1, the attackers performed a legitimate transaction, followed by executing the pre-signed malicious transactions, which transferred admin control to themselves within minutes.
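A pre-signing check that a multisig signer could run to spot the durable-nonce pattern described above. This is an added example, not code from Drift or the original article. It assumes a simplified dict form of a decoded Solana legacy message; the key names, sample keys and the `trusted_authorities` set are constructed for illustration.

```python
import struct

SYSTEM_PROGRAM = "11111111111111111111111111111111"
ADVANCE_NONCE_ACCOUNT = 4  # index of AdvanceNonceAccount in the SystemInstruction enum

def durable_nonce_info(msg):
    """Return nonce details if msg is a durable-nonce transaction, else None.

    Such a transaction carries System Program AdvanceNonceAccount as its first
    instruction, and its blockhash field holds the stored nonce value.
    """
    if not msg["instructions"]:
        return None
    ix, keys = msg["instructions"][0], msg["account_keys"]
    data = bytes.fromhex(ix["data"])
    if keys[ix["program_id_index"]] != SYSTEM_PROGRAM or len(data) < 4:
        return None
    if struct.unpack("<I", data[:4])[0] != ADVANCE_NONCE_ACCOUNT:
        return None
    if len(ix["accounts"]) < 3:
        return None
    # Account order: [nonce account, RecentBlockhashes sysvar, nonce authority]
    return {"nonce_account": keys[ix["accounts"][0]],
            "nonce_authority": keys[ix["accounts"][2]]}

def review_before_signing(msg, trusted_authorities):
    """List reasons a signer should stop and escalate before approving msg."""
    info = durable_nonce_info(msg)
    if info is None:
        return []  # ordinary transaction: expires when its blockhash ages out
    findings = ["durable nonce: this signature stays valid until the nonce is advanced"]
    if info["nonce_authority"] not in trusted_authorities:
        findings.append("nonce authority is not a council key, so the council "
                        "cannot invalidate the signature by advancing the nonce")
    return findings

# Constructed sample messages (placeholder keys, not real addresses).
SYSVAR = "SysvarRecentB1ockHashes11111111111111111111"
DURABLE = {"account_keys": ["CONSTRUCTED_FEE_PAYER", "CONSTRUCTED_NONCE_ACCOUNT", SYSVAR,
                            "CONSTRUCTED_OUTSIDE_AUTHORITY", SYSTEM_PROGRAM],
           "instructions": [{"program_id_index": 4, "accounts": [1, 2, 3], "data": "04000000"}]}
NORMAL = {"account_keys": ["CONSTRUCTED_FEE_PAYER", "CONSTRUCTED_DEST", SYSTEM_PROGRAM],
          "instructions": [{"program_id_index": 2, "accounts": [0, 1],
                            "data": "0200000040420f0000000000"}]}

if __name__ == "__main__":
    for name, m in (("durable", DURABLE), ("normal", NORMAL)):
        print(name, review_before_signing(m, {"CONSTRUCTED_COUNCIL_KEY"}))
```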

Who's Affected

The attack has severely impacted 200,000 traders who utilized the Drift Protocol, which previously boasted total trading volumes exceeding $55 billion. As a result of the breach, all protocol functions are essentially frozen, affecting borrow/lend deposits, vault deposits, and trading funds. Drift has warned users against depositing any funds until further notice.

What Data Was Exposed

No seed phrases were compromised and no flaws in the smart contracts were exploited. Instead, the attackers introduced a malicious asset and removed withdrawal limits, which facilitated the theft of funds. Details about the data exposed remain limited, but the financial implications are substantial.

What You Should Do

Users of the Drift Protocol should remain vigilant and avoid any transactions until the situation is resolved. Drift is actively working with security firms, cryptocurrency exchanges, and law enforcement to trace and freeze the stolen funds. A detailed post-mortem report is expected to be released soon, which will provide further insights into the attack and recovery efforts.

Conclusion

This incident serves as a stark reminder of the risks associated with DeFi platforms. The sophistication of the attack underscores the need for enhanced security measures and vigilance in the cryptocurrency space. As the Drift Protocol navigates this crisis, users should stay informed and cautious about their investments.

🔒 Pro insight: This incident showcases the evolving tactics of state-sponsored actors in exploiting DeFi vulnerabilities, emphasizing the need for robust security protocols.

Original article from BleepingComputer · Bill Toulas
